Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
businessobjects xi vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2005-4813
Unspecified vulnerability in Report Application Server (Crystalras.exe) prior to 11.0.0.1370, as used in Business Objects Crystal Reports XI, Crystal Reports Server XI, and BusinessObjects Enterprise XI, allows remote malicious users to cause a denial of service (application hang...
Businessobjects Crystal Enterprise Xi
Businessobjects Crystal Reports Server Xi
Businessobjects Crystal Reports Xi
Businessobjects Report Application Server 11.0.0.0
5
CVSSv2
CVE-2014-8309
SAP BusinessObjects 4.0 and BusinessObjects XI (BOXI) R2 and 3.1 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote malicious users to enumerate valid usernames via SecEnterprise authent...
Sap Businessobjects Xi 3.1
Sap Businessobjects Xi R2
Sap Businessobjects 4.0
10
CVSSv2
CVE-2015-7730
SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and BusinessObjects XI (BOXI) 3.1 R3 allow remote malicious users to cause a denial of service (out-of-bounds read and listener crash) via a crafted GIOP packet, aka SAP Security Note 2001108.
Sap Businessobjects 4.1
Sap Businessobjects Xi 3.1
Sap Businessobjects Xi R3
Sap Businessobjects Edge 4.0
9.3
CVSSv2
CVE-2008-0379
Race condition in the Enterprise Tree ActiveX control (EnterpriseControls.dll 11.5.0.313) in Crystal Reports XI Release 2 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via the SelectedSession method, which triggers a buffer...
Businessobjects Crystal Reports Xi R2
1 EDB exploit
7.6
CVSSv2
CVE-2006-6133
Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio .NET 2002 and 2002 SP1, .NET 2003 and 2003 SP1, and 2005 and 2005 SP1 (formerly Business Objects Crystal Reports XI Professional) allows user-assisted remote malicious users to execute arbitr...
Microsoft Visual Studio .net 2005
Businessobjects Crystal Reports Xi
Microsoft Visual Studio .net 2002
Microsoft Visual Studio .net 2003
1 EDB exploit
4.3
CVSSv2
CVE-2008-1894
Cross-site scripting (XSS) vulnerability in desktoplaunch/InfoView/logon/logon.object in BusinessObjects InfoView XI R2 SP1, SP2, and SP3 Java version before FixPack 3.5 allows remote malicious users to inject arbitrary web script or HTML via the cms parameter.
Businessobjects Infoview
Businessobjects Infoview Xi R2
9
CVSSv2
CVE-2010-3983
CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote authenticated users to gain privileges via vectors involving the Program Job Server and the Program Login property.
Sap Businessobjects 3.2
4.3
CVSSv2
CVE-2010-3981
Cross-site scripting (XSS) vulnerability in SAP BusinessObjects Enterprise XI 3.2 allows remote malicious users to inject arbitrary web script or HTML via the ServiceClass field to the Edit Service Parameters page.
Sap Businessobjects 3.2
5
CVSSv2
CVE-2010-3979
Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates different error messages depending on whether the Login field corresponds to a valid username, which allows remote malicious users to enumerate account names via a login SOAPAction to the dswsbobje/services/session URI.
Sap Businessobjects 3.2
5
CVSSv2
CVE-2010-3982
SAP BusinessObjects Enterprise XI 3.2 allows remote malicious users to trigger TCP connections to arbitrary intranet hosts on any port, and obtain potentially sensitive information about open ports, via the apstoken parameter to the CrystalReports/viewrpt.cwr URI, related to an &...
Sap Businessobjects 3.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »